| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1107807880.5021.16.camel@localhost.localdomain> From: barrie at reboot-robot.net (Barrie Dempster) Subject: Re: SSH probe attack afoot? On Sun, 2005-02-06 at 10:09 -0500, Bernie Cosell wrote: > We're now getting hammered with the third round of ssh probes in the last > four days [one from CA, one from Brazil and one from Virginia]. I was > wondering: is there some virus or the like floating around now that > leaves an ssh-hammering zombie in its wake? Or is it just coincidental > that we have gotten three floods? > > [the probes are just dozens of random-seeming login attempts with a bunch > of root-password-guesses interspersed] > > /Bernie\ Multiple SSH brute force tools,which has been covered on this list and others a few times over the last year. http://www.securityfocus.com/archive/75/200407271059.11940.robin@kallisti.net.nz/2005-02-04/2005-02-10/0 http://www.google.com/search?num=100&hl=en&safe=off&q=ssh+brute +force&spell=1 -- With Regards.. Barrie Dempster (zeedo) - Fortiter et Strenue blog: http://zeedo.blogspot.com site: http://www.bsrf.org.uk [ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ] -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050207/63a1c4eb/attachment.bin
Powered by blists - more mailing lists